Giskismet query, how to select specific data?

Question

I’m basically trying to get some stats from my war drive kismet database using giskismet but I’m finding it difficult to get specific data.

Things I'm trying to do:

Count how many wireless BSSID’s there are in total

How many are WEP/WAP, using to calculate what present are WEP/WPA

Get the make of the wireless eg netgear and count how many are WEP/WPA

Is this possible to do with giskismet? iv tried “select BSSID from wireless” –o test.xml but I get errors. The same happens if I try anything other than “select*from wireless”. But this outputs everything to one massive xml file which is incredibly hard for me to search through as I don’t know much xml.

Does anyone have any ideas how I could get data from the wireless.dbl, it’s in sqllite I think if that helps.

Curious as to what problem you are trying to solve and if inSSIDer can solve it easier for you -- http://www.metageek.net/products/inssider/ ? — atdre, Apr 10 '11 at 21:51
Another suggestion would be to learn XML. The libxml2 package comes with xmllint -- which has a --shell flag and a "help" directive that works like a Unix or NT command line with commands such as du, grep, ls, cat, and pwd. It also supports xpath expressions, which you need to learn if you are going to parse XML. There is another for more advanced operations called xmlstarlet, but really both of these are easy to use! — atdre, Apr 10 '11 at 22:36

score 3 · Accepted Answer · answered Apr 11 '11 at 09:55

3

Analysing kismet XML is the best way to go on this one. There's a script that I've knocked up which should do most of what you're looking for, but feel free to look through it and modify for your purposes.

I'm planning to put it in a github repo at some point, but it needs cleaned up a bit before that. That said it should work ok for you at the moment, so here's a link to the code

you'll need to get ruby installed and working, along with the nokogiri and ruport gems.

answered Apr 11 '11 at 09:55

Rory McCune

60,923
14
136
217

Cheers guys, looks like the way forward is to use xml searching to get the data out. Will have a play with your scrip Rory thanks. – notaprofessional Apr 11 '11 at 20:28

score 1 · Answer 2 · answered May 15 '12 at 00:21

(Sorry for posting on this "more-than-a-year-old" question, came across the topic while searching for somethings similar, hopefully it can help someone)

Giskimet stores the imported access points in a SQLite3 database, a suitable format for data mining. While Giskismet ouputs KML graphs, if you have access to the SQLite shell (http://www.sqlite.com/download.html) or if you import the database into another db engine you can easily access the data with SQL queries.

Count how many wireless BSSID’s there are in total:

Select count(*) from wireless;

How many are WEP/WAP, using to calculate what present are WEP/WPA

Select count(*) from wireless where wireless.Encryption like '%wep%' or wireless.Encryption like '%wpa%';

Get the make of the wireless eg netgear and count how many are WEP/WPA

Select count(*) from wireless where wireless.Manuf like '%netgear%' and (wireless.Encryption like '%wep%' or wireless.Encryption like '%wpa%');

To build your queries you can see/use the Giskismet wireless table schema here: http://www.irongeek.com/i.php?page=backtrack-r1-man-pages/giskismetp

Giskismet query, how to select specific data?

2 Answers2